Web Server Logs Preprocessing for Web Intrusion Detection

Shaimaa Ezzat Salama, Mohamed I. Marie, Laila M. El-Fangary, Yehia K. Helmy

Abstract


Securing e-commerce sites has become a necessity as they process critical and sensitive data to customers and organizations. When a customer navigates through an e-commerce site his/her clicks are recorded in web log file. Analyzing these log files using data mining reveal many interesting patterns. These results are used in many different applications and recently in detecting attacks on web. In order to improve quality of data and consequently the mining results data in log files need first to be preprocessed. In this paper, we will discuss how different web log files with different formats will be combined together in one unified format using XML in order to track and extract more attacks. And because log files usually contain noisy and ambiguous data this paper will show how data will be preprocessed before applying mining process in order to detect attacks. We will also discuss the difference between log preprocessing for web intrusion and for web usage mining

Full Text: PDF DOI: 10.5539/cis.v4n4p123

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.

Computer and Information Science   ISSN 1913-8989 (Print)   ISSN 1913-8997 (Online)
Copyright © Canadian Center of Science and Education

To make sure that you can receive messages from us, please add the 'ccsenet.org' domain to your e-mail 'safe list'. If you do not receive e-mail in your 'inbox', check your 'bulk mail' or 'junk mail' folders.